skills/xyenon/agents/searxng-search/Gen Agent Trust Hub

searxng-search

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFE

PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves and processes untrusted data from external search results.
      • Ingestion points: Search result fields such as title, content, and infobox content are parsed from the SearXNG JSON response in scripts/search.py and printed to the agent's context.
      • Boundary markers: The script uses Markdown headers and styling (e.g., ## [title](url)) to format results, but does not implement explicit boundary delimiters or 'ignore embedded instructions' warnings to prevent the agent from following instructions found within search snippets.
      • Capability inventory: The skill uses urllib.request for network communication and is executed via the Bash tool.
      • Sanitization: There is no evidence of sanitization or filtering of the content retrieved from search results before it is presented to the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 28, 2026, 01:30 PM